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METHOD FOR OPERATING A DATA PROCESSING SYSTEM WITH 
COPY PROTECTION FOR USER PROGRAMS 



The invention is directed to a method for operating a data processing 
system with copy protection for user programs. 

The production of user programs requires considerable development time 
and specific know how; it is therefore relatively involved. User programs are often 
loaded onto storage media, for example on CDROMs, and supplied to the user in this 
condition. Such storage media are relatively inexpensive and are unrelated to the 
economic outlay that is incurred in the production of the user program. It is not only 
relatively easy to make legal backup copies of such storage media with traditional 
data processing systems, bit pirated copies of these user programs can also be easily 
produced and handed over to further users for a certain price or distributed in some 
other way. The producer of the user programs thus suffers considerable damage. 

Numerous copy protection methods have been developed in order to put 
and end to this practice. In a widespread copy protection method, a dongle is 
employed that is plugged onto a parallel interface, onto a serial interface of a USB bus 
of a data processing system. This dongle is supplied to the user together with the user 
program. The dongle as well as the user program contain the same copy protection 
identification in the form of alphanumerical characters. The present of the dongle 
and, thus, of the copy protection information, is queried either at the program start or 
continuously during the program operation. When an attempt is made to operate the 
user program without dongle, then it is aborted. 

When there are a great number of users who require different user 
programs, then a dongle is to be provided for each user. One storage medium per user 
must then be provided, the user programs intended for this user being contained 
thereon and then containing the same copy protection identification as the respective 
dongle. When a user orders following user programs, then the following steps are 
respectively required: producing a storage medium for this user; storing the user 
programs requested by the user; providing the user programs with the copy protection 



identification of the dongle. Such a procedure is involved both for the user as well as for the 
producer of such user programs. US-A-5, 386,369 discloses a method based on dongles. 

An object of the invention is to offer a method for operating a data processing 
system with copy protection for user programs that assures a dependable copy protection, 
works simply and can be realized with little outlay for producer and user. 

According to the invention, a method for operating a data processing system 
with copy protection for user programs is offered, 

whereby a plurality of application [sic] programs as well as an installation program and a 
cryptoprogram are on hand on a storage medium, 

when processing the installation program on the data processing system, the user inputs a 
copy protection identification, a user identification that identifies the user and an encrypted 
product identification that identifies at least one user program, 

each user program contains a predetermined memory area into which the copy protection 
identification can be entered, 

the installation program compares the copy protection identification that has been input to a 
copy protection identification connected with the data processing system and, given 
coincidence, deciphers the encrypted product identification upon utilization of the user 
identification as key, and identifies the user program selected in the product identification, 
that [sic] the selected user program is loaded from the storage medium into a memory area of 
the data processing system, 

the cryptoprogram enters the copy protection identification into the predetermined memory 
area of the selected user program, 

and whereby, before the running of the selected user program, the copy protection 
identification contained in the predetermined memory area is compared to the copy 
protection identification connected with the data processing system, and the user program is 
run only given coincidence. 

According to the invention, a product identification and a user identification are 
communicated to the user. The product identification, preferably composed of 
alphanumerical characters, identifies — in encrypted form — the user 
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program or, respectively, a plurality of user programs purchased by the user. Further, 
the user contains [sic] the user identification, likewise, for example, in the form of 
alphanumerical characters. This user identification serves as key for the encryption 
and deciphering of said product identification. With the assistance of this product 
identification and the user identification, only those programs that are referenced in 
the product identification are enabled for the user. Accordingly, one storage medium, 
for example a CDROM, can contain all user programs of the manufacturer of the user 
programs. The customer or, respectively, user, however, can only access those user 
programs that he actually ordered and purchased and that can be enabled for him. The 
copy protection with the assistance of the copy protection identification is retained, 
i.e. the data processing system on which the user program is run is directly connected 
to a copy protection identification with the assistance of a hardware module. This user 
program can only be run on the specified data processing system when the user 
program also contains this copy protection identification; otherwise, operations are 
aborted. In this way, even the production of pirated copies and their forwarding to 
other users is [sic] worthless, since this other user does not possess the matching user 
identification, the matching product identification and the matching copy protection 
identification. 

In one exemplary embodiment of the invention, the product identification 
also contains the copy protection identification, whereby this copy protection 
identification is also compared to the copy protection identification connected with 
the data processing system, and the running of the further program steps only 
continues given coincidence. Usually, the copy protection identification is assigned 
only once. Accordingly, a copy protection for the user programs themselves is still 
present even if the product identification is improperly handed over to another user. 

An authentication between the installation program and the key program 
is preferably undertaken when calling the key program, which enters the copy 
protection identification in predetermined memory areas of the user program. In this 
way, a traditional, modular key program that usually runs on standard data processing 
systems can be employed. Nonetheless, a protection of the key program ensues due to 
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the authentification between key program and installation program, and an adequate 
protection against misuse is established. 



basis of the drawing. Shown therein are: 

Figure 1 a flowchart that shows critical steps of the inventive method; 

Figure 2 the flowchart when a new user orders one or more user programs; and 

Figure 3 the executive sequence when an old user orders user programs. 



flowchart. The customer or user receives a plurality of user programs from the 
manufacturer of these user programs on a storage medium, for example a CDROM, 
according to the order. The user, for example, has only ordered a specific selection of 
user programs and only paid for these. Nonetheless, many other user programs, 
which could be of use to the user in future and of which he can definitely make 
security copies, are on this storage medium. Further, the user receives a dongle from 
the manufacturer with a copy protection identification KI D . This dongle must be 
plugged onto the parallel interface of the data processing system in order to be able to 
run the installation program and enable a proper operation of the user program, which 
has yet to be installed. Further, the user receives an alphanumerical user identification 
AI. This user identification serves later as key for deciphering the product 
identification PI that is likewise given to the user. This product identification PI, for 
example, is likewise composed of alphanumerical characters and contains, on the one 
hand, the copy protection identification KI in encrypted form and, on he other hand, 
references a list of user programs that has [sic] been licensed to the user by the 
manufacturer as a result of the purchase. 



processing system of the user and is started. The installation program contains a 
menu prompt and asks for the input of the copy protection identification KI given to 
the user, of the user identification AI and of the product identification PI (step 12). A 
check is carried out in step 14 to see whether the copy protection identification KI E 
that has been input coincides with the copy protection identification KI D contained in 



An exemplary embodiment of the invention is explained below on the 



Figure 1 shows the critical steps of the method on the basis of a simple 



In Figure 1, step 10, the installation program is loaded on the data 




the dongle. When this is not the case, then a branch to the right is made is step 14 and 
the program execution is aborted. 

An authentification of the installation program and of the key program 
ensues in a following step 16, i.e. a check is carried out to see whether the installation 
5 program originally contained on the storage medium and the key program are allowed 
to mutually call one another. The authentification ensues, for example, according to 
the challenge-response principle, which represents a standard method for the 
protection of programs. When the authentification proceeds successfully, a branch is 
made to step 18; otherwise, a program abort follows. The sequence of the steps can 
10 also be such that step 16 is run first and step 14 thereafter, 
ffl In step 18, the encrypted product identification PI that, for example, has 

Sj been encrypted according to the high-compression Huffmann-Baum method is 

jjjj deciphered. The user identification AT given to the user is used as key in this 

%Q deciphering. The result of the deciphering step 1 8 is that the copy protection 

q 15 identification KI PI and the list of user programs wanted by the user is obtained. 

In the following step 20, this list of the user programs is checked for 
plausibility, i.e. a determination can be made as to whether the correct user programs 
are present. Additionally, a checksum check of the list ensues in order to prevent au 
unauthorized expansion of the license on the part of the customer (signature function). 
2 0 In step 12, the copy protection identification KI PI contained in the product 

identification PI is compared to the copy protection identification KI D of the dongle of 
the data processing system. One proceeds to the next step 24 given coincidence. 
Otherwise, the program execution is aborted. In step 24, the user can again make a 
selection from the list of user programs he requested, for example select those user 

2 5 programs that are minimally needed for handling a specific job. 
In the following step 26, datafiles that are needed for the user programs 

and their running are established in the data processing system. The key program 
enters the copy protection identification KI into predetermined memory areas for the 
selected user programs. The installation of the user programs has thus been ended in 

3 0 step 28. 
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When running the user programs, the copy protection identification KI 
contained in the respective user program is compared to the copy protection 
identification KI D of the dongle, as traditionally. The user program is run by the data 
processing system only given coincidence. 

As can be seen, advantages derive both at the producer side as well as at 
the user side. The producer can store a plurality of user programs on the available 
storage medium, for example all user programs that are made available to users. 
Thus, the producer need not write a new storage medium dependent on the order of a 
specific user; rather, a limitation can be made to a single storage medium or to a few 
storage media. The outlay for offering storage media is lowered in this way. A 
similar advantage derives on the part of the user. The user, upon delivery, receives a 
plurality of user programs from which the user can enable precisely those that the user 
had ordered and purchased. When the user would like to purchase another user 
program at a later time, then the only thing required is the enable of this user program, 
which already exists, by handing over a new product identification PL The user 
identification AI can remain the same. The installation itself is simple and only 
requires a short time. The delivery of a new dongle or of a new storage medium is not 
required in many cases. 

The executive sequence shown in Figure 1 can be modified in many 
respects. For example, the user programs can also be kept on hand in a central storage 
medium that the user can access with the Internet. Another modification provides 
that, after a number of user programs have been offered to the user, these are only 
partly enabled and activated for demonstration purposes of user programs that were 
not ordered. The user can then see the advantage of such further user programs and 
potentially order them, whereby a new storage medium for example a new CDROM, 
need not be sent. 

On the basis of a flowchart, Figure 2 shows the advantages of said method 
when a new user, who does not yet have access to the storage medium with the user 
programs, orders user programs (block 30) and is licensed therefor by the producer. 
The producer defines the user data, i.e. a user identification AI and a product 
identification PI are produced; further, a dongle with a copy protection identification 
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KI is offered (block 32). Said data are stored (block 34) in a data bank. The user is 
provided with the user data, i.e. the dongle, the copy protection identification KI, the 
product identification PI and the user identification AI. Further, the user is provided 
with a CDROM on which a plurality of user programs is stored (block 36). The 
installation of the user programs selected by the user ensues at the user according to 
the executive sequence steps according to Figure 1 (block 38). 

Figure 3 shows the executive sequence when an old user, who already has 
a CDROM with the plurality of user programs, a dongle, a copy protection 
identification KI and a user identification AI, orders user programs (block 40). The 
producer defines the user data (block 42), i.e. the product identification PI (block 44). 
The user identification AI can remain the same. The corresponding data are stored in 
the data bank (block 46). The user data are given to the user (block 48). The 
installation of the user programs ensues according to the method steps (block 50) 
indicated in Figure 1 . 




List or Reference Characters 

10 through 28 method steps 



30 through 50 

KI 

KI D 

KI E 

KI PI 

AI 
PT 



blocks 

copy protection identification 

copy protection identification in the dongle 

the copy protection identification input by the user 

the copy protection identification contained in the product 

identification PI 

user identification 

product identification 



